Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=28cf.cc
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 16, 2026
Valid Until
July 15, 2026
54 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
48:25:86:19:78:28:A3:F1:B4:34:34:81:96:6F:7D:48:2F:4E:13:FE:1F:03:50:3E:20:17:86:8E:3A:0F:3E:C2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
toolstoda.com
*.toolstoda.com
28cf.cc
*.28cf.cc
40612.locker
*.40612.locker
9041.win
*.9041.win
a5v7.cc
*.a5v7.cc
aahbk.today
*.aahbk.today
agoraiinnovationhub.com
*.agoraiinnovationhub.com
allinmedya.com
*.allinmedya.com
argodry.com
*.argodry.com
asia888api.com
*.asia888api.com
bloodfarm.news
*.bloodfarm.news
buyingpower.xyz
*.buyingpower.xyz
casx.bet
*.casx.bet
cell-phone-cl-31.sbs
*.cell-phone-cl-31.sbs
celularfacil.sbs
*.celularfacil.sbs
charminx.com
*.charminx.com
chestnutchoosing.com
*.chestnutchoosing.com
choixo88.fit
*.choixo88.fit
clumi.com
*.clumi.com
comprar-casa-con-facilidades-de-pago-colombia.sbs
*.comprar-casa-con-facilidades-de-pago-colombia.sbs
contentics.com
*.contentics.com
corporate-holiday-party-venue431.click
*.corporate-holiday-party-venue431.click
crystalwaupshaut.com
*.crystalwaupshaut.com
cygolf.com
*.cygolf.com
data-analytics-ae-5943.click
*.data-analytics-ae-5943.click
dfcz.cc
*.dfcz.cc
dmqkwtw100.vip
*.dmqkwtw100.vip
ggear.org
*.ggear.org
goexcpl.com
*.goexcpl.com
hvn7778.com
*.hvn7778.com
hyperfuelinvest.com
*.hyperfuelinvest.com
micedge.store
*.micedge.store
mopko.net
*.mopko.net
qyc97.com
*.qyc97.com
surtt.town
*.surtt.town
teqawards.com
*.teqawards.com
theadventuremedia.com
*.theadventuremedia.com
thevestusstudio.business
*.thevestusstudio.business
tvszu.town
*.tvszu.town
virtualscratchoffs.com
*.virtualscratchoffs.com
vrrlaw.com
*.vrrlaw.com
y7x5.com
*.y7x5.com
yes77tar.info
*.yes77tar.info
yinlong.art
*.yinlong.art
z6383r6.top
*.z6383r6.top
Other domains in certificate